On Oct 17, 2007, at 4:16 PM, Ugo Bellavance wrote:
Are TCP packets automatically accepted by pfsense or should I open
TCP/53 at wide? I query DNS servers directly, I don't use my ISP's
DNS servers for many reasons, so I can't just open TCP/53 for these
DNS servers.
enable the DNS proxy on pfsense. it will use the public DNS servers
you configure. then point your clients to the pfsense proxy (which
DHCP on pfsense will do automatically).
end of problem.
on my office LAN, I have a local DNS server that has a 1:1 mapping on
pfsense, and for that host, I have allow rules for 53/tcp+udp for DNS
to work.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
